Easy Digital Downloads - Version 2.9.14


Release Info

Developer cklosows
Version 2.9.14

Code changes from version 2.9.13 to 2.9.14

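--- a/easy-digital-downloads.php
+++ b/easy-digital-downloads.php
@@ -5,7 +5,7 @@
  * Description: The easiest way to sell digital products with WordPress.
  * Author: Easy Digital Downloads
  * Author URI: https://easydigitaldownloads.com
- * Version: 2.9.13
+ * Version: 2.9.14
  * Text Domain: easy-digital-downloads
  * Domain Path: languages
  *
@@ -25,7 +25,7 @@
  * @package EDD
  * @category Core
  * @author Pippin Williamson
- * @version 2.9.13
+ * @version 2.9.14
  */
 
  // Exit if accessed directly.
@@ -206,7 +206,7 @@ final class Easy_Digital_Downloads {
 
  // Plugin version.
  if ( ! defined( 'EDD_VERSION' ) ) {
- define( 'EDD_VERSION', '2.9.13' );
+ define( 'EDD_VERSION', '2.9.14' );
  }
 
  // Plugin Folder Path.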
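--- a/includes/process-download.php
+++ b/includes/process-download.php
@@ -7,7 +7,7 @@
  * @copyright Copyright (c) 2015, Pippin Williamson
  * @license http://opensource.org/licenses/gpl-2.0.php GNU Public License
  * @since 1.0
- */
+ */
 
  // Exit if accessed directly
  if ( ! defined( 'ABSPATH' ) ) exit;
@@ -1001,14 +1001,17 @@ function edd_local_file_location_is_allowed( $file_details, $schemas, $requested
 
  // If the file is an absolute path, make sure it's in the wp-content directory, to prevent store owners from accidentally allowing privileged files from being downloaded.
  if ( ( ! isset( $file_details['scheme'] ) || ! in_array( $file_details['scheme'], $schemas ) ) && isset( $file_details['path'] ) ) {
- /** This is an absolute path */
 
- $requested_file = realpath( $requested_file );
+ /** This is an absolute path */
+ $requested_file = wp_normalize_path( realpath( $requested_file ) );
+ $normalized_abspath = wp_normalize_path( ABSPATH );
+ $normalized_content_dir = wp_normalize_path( WP_CONTENT_DIR );
 
- if ( 0 !== strpos( $requested_file, ABSPATH ) || false === strpos( $requested_file, WP_CONTENT_DIR ) ) {
+ if ( 0 !== strpos( $requested_file, $normalized_abspath ) || false === strpos( $requested_file, $normalized_content_dir ) ) {
  // If the file is not within the WP_CONTENT_DIR, it should not be able to be downloaded.
  $should_allow = false;
  }
+
  }
 
  return apply_filters( 'edd_local_file_location_is_allowed', $should_allow, $file_details, $schemas, $requested_file );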
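Review bot: The containment test on new line 1010 is looser than the comment beneath it states, because `false === strpos( $requested_file, $normalized_content_dir )` accepts the content-directory string at any offset and without a trailing separator, so a path in a directory whose name only begins with the content directory's name is still treated as inside it. Anchoring the comparison at the start and on a separator, for example `0 !== strpos( $requested_file, trailingslashit( $normalized_content_dir ) )`, would make the check match its stated intent. On new line 1006 the result of `realpath()` is passed straight to `wp_normalize_path()`; when `realpath()` returns `false` the request appears to be rejected only because the resulting empty string cannot match the prefix, so testing for `false` first and setting `$should_allow = false` would make that outcome deliberate. The function starts above this hunk, so how `$should_allow` and `$schemas` are initialised is not visible here.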
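--- a/languages/easy-digital-downloads.pot
+++ b/languages/easy-digital-downloads.pot
@@ -2,9 +2,9 @@
  # This file is distributed under the same license as the Easy Digital Downloads package.
  msgid ""
  msgstr ""
- "Project-Id-Version: Easy Digital Downloads 2.9.13\n"
+ "Project-Id-Version: Easy Digital Downloads 2.9.14\n"
  "Report-Msgid-Bugs-To: https://easydigitaldownloads.com/\n"
- "POT-Creation-Date: 2019-05-07 23:48:51+00:00\n"
+ "POT-Creation-Date: 2019-05-08 19:35:59+00:00\n"
  "MIME-Version: 1.0\n"
  "Content-Type: text/plain; charset=utf-8\n"
  "Content-Transfer-Encoding: 8bit\n"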
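--- a/readme.txt
+++ b/readme.txt
@@ -6,7 +6,7 @@ Donate link: https://easydigitaldownloads.com/donate/
  Tags: ecommerce, e-commerce, sell, downloads, store, paypal, checkout, shop
  Requires at least: 4.4
  Tested up to: 5.2
- Stable Tag: 2.9.13
+ Stable Tag: 2.9.14
  License: GNU Version 2 or Any Later Version
 
  The easiest way to sell digital products with WordPress.
@@ -189,6 +189,9 @@ Yes. Easy Digital Downloads also includes default support for Amazon Payments an
 
  == Changelog ==
 
+ = 2.9.14, May 8, 2019 =
+ * Fix: Corrected an issue in local file location detection for Windows servers.
+
  = 2.9.13, May 7, 2019 =
  * Fix: An error was being logged when using API V2 to get products by category.
  * Fix: Corrected an issue with multisite on versions of WordPress greater than 5.0.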